<?php 
require_once("Includes/connection.php");
require_once("Includes/functions.php");
session_start();
if(isset($_SESSION['username'])){
	session_destroy();
	session_start();
}
$wrong=array(0,0,0,0,0,0,0,0,0,0);
if(isset($_POST['submit_login'])){
	if(!empty($_POST['login_email']) && !empty($_POST['login_password'])){
		if(validate_email($_POST['login_email']) && char_and_symbols($_POST['login_password'])){
			$query = sprintf("SELECT * FROM users WHERE email='%s' and password='%s'",mysql_real_escape_string($_POST['login_email']),mysql_real_escape_string(hash('md5',$_POST['login_password'])));
			$result = mysql_query($query);
			if(mysql_num_rows($result) >= 1){
				$_SESSION['username']=$_POST['login_email'];
				header('Location: home.php');
			}
			else{
				$first_name='';
				$last_name='';
				$email='';
				$first_password='';
				$second_password='';
				$city='';
				$state='';
				$country='';
				$day='';
				$month='';
				$year='';
				$login_password='';			
				$login_email=$_POST['login_email'];		
				$wrong[8]=1;		
			}
		}
		else{
			$first_name='';
			$last_name='';
			$email='';
			$first_password='';
			$second_password='';
			$city='';
			$state='';
			$country='';
			$day='';
			$month='';
			$year='';
			$login_password='';			
			$login_email=$_POST['login_email'];
			$wrong[8]=1;
		}
	}
	else{
		$first_name='';
		$last_name='';
		$email='';
		$first_password='';
		$second_password='';
		$city='';
		$state='';
		$country='';
		$day='';
		$month='';
		$year='';	
		$wrong[9]=1;
		$login_password='';
		if(empty($_POST['login_email'])){
			$login_email='';
		}
		else{
			$login_email=$_POST['login_email'];
		}
	}
}
elseif(isset($_POST['submit_sign_up'])){
	if(empty($_POST['email'])){
		$email='';
		$wrong[0]=1;
	}
	else{
		if(validate_email($_POST['email'])){
			$query = sprintf("SELECT email FROM users WHERE email='%s'",mysql_real_escape_string($_POST['email']));
			$result = mysql_query($query);		
			if (mysql_num_rows($result) >= 1){
				$email='';
				$wrong[1]=1;
			}
			else{
				$email=trim($_POST['email']);
			}
		}
		else{
			$wrong[0]=1;
			$email='';
		}
	}
	if(empty($_POST['first_password'])){
		$first_password='';
		$wrong[2]=1;
	}
	else{
		if(char_and_symbols($_POST['first_password'])){
			$first_password=trim($_POST['first_password']);
		}
		else{
			$first_password='';
			$wrong[2]=1;
		}		
	}
	if(empty($_POST['second_password'])){
		$second_password='';
		$wrong[3]=1;
	}
	else{
		if(char_and_symbols($_POST['second_password'])){
			$second_password=trim($_POST['second_password']);
		}
		else{
			$second_password='';
			$wrong[3]=1;
		}		
	}
	if(empty($_POST['city'])){
		$city='';
		$wrong[4]=1;
	}
	else{
		if(char_and_symbols($_POST['city'])){
			$city=trim($_POST['city']);
		}
		else{
			$city='';
			$wrong[4]=1;
		}		
	}
	if(empty($_POST['state'])){
		$state='';
		$wrong[5]=1;
	}
	else{
		if(char_and_symbols($_POST['state'])){
			$state=trim($_POST['state']);
		}
		else{
			$state='';
			$wrong[5]=1;
		}		
	}
	if(empty($_POST['country'])){
		$country='';
		$wrong[6]=1;
	}
	else{
		if(char_and_symbols($_POST['country'])){
			$country=trim($_POST['country']);
		}
		else{
			$country='';
			$wrong[6]=1;
		}		
	}
	if($first_password!=$second_password){
		$second_password='';
		$first_password='';
		$wrong[7]=1;
	}
	if($wrong[0]==0 && $wrong[1]==0 && $wrong[2]==0 && $wrong[3]==0 && $wrong[4]==0 && $wrong[5]==0 && $wrong[6]==0 && $wrong[7]==0){
		$ipaddr=$_SERVER['REMOTE_ADDR'];
		$created=date("Y-m-d H:i:s");
		$query = sprintf("INSERT INTO users (email, password, ipaddr, city, state, country, created, updated) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
		mysql_real_escape_string($email), mysql_real_escape_string(hash('md5',$first_password)), mysql_real_escape_string($ipaddr), mysql_real_escape_string($city), mysql_real_escape_string($state), 
		mysql_real_escape_string($country), mysql_real_escape_string($created), mysql_real_escape_string($created));
		mysql_query($query);//echo mysql_error();echo $query;die();
		$_SESSION['username']=$email;
		header('Location: profile.php');
	}
	$login_password='';
	$login_email='';
}
else{
	$first_name='';
	$last_name='';
	$email='';
	$first_password='';
	$second_password='';
	$city='';
	$state='';
	$country='';
	$day='';
	$month='';
	$year='';
	$login_password='';
	$login_email='';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="css/index.css" />
<title>Q&A</title>
</head>
<body>
	<div id="header">
    	<form action="index.php" method="post">
    	<table id="header_table">
        <tr>
        <td style="text-align:left; width:143px;">
        <img src="images/logo_qanda.gif" height="80"/>
        </td><td style="text-align:left;"> 
        <h1 style="height:auto;">ACM RUM Q&A </h1>
        </td><td>
        	<table id="login">
            <tr>
            <td align="left">Email:</td>
            <td colspan="2" align="left">Password:</td>
            </tr><tr>
            <td><input type="text" name="login_email" maxlength="100" size="15" value="<?php echo htmlentities($login_email); ?>"/></td>
            <td><input type="password" name="login_password" maxlength="100" size="15" value="<?php echo htmlentities($login_password); ?>"/></td>
            <td><input type="submit" name="submit_login" value="Login" /></td>
            </tr><?php
            if($wrong[8]==1 || $wrong[9]==1){
				echo '<tr><td style=" text-align:center; font-weight:bold;" colspan="3">';
				if($wrong[8]==1){echo 'Incorrect email and password combination.';}
				if($wrong[9]==1){echo 'Please fill both fields.';}
				echo '</td></tr>';		
			}?>
            </table>
        </td>            
        </tr>
        </table>
        </form>
    </div>
    <div id="container">
    	<table id="table_home">
        <tr>
        <td>
        <div id="sign_up">
        	<form action="index.php" method="post">
            <table id="table_sing_up">
            <tr>
            <th colspan="2"><h1>Register</h1></th>
            </tr><tr>
            <td id="td_left"><?php if($wrong[0]==0 && $wrong[1]==0){echo'Email:';}else{echo 'Email:<span style="color:red">*</span>';}?></td><td width="295"><input type="text" name="email" maxlength="100" size="30" value="<?php echo htmlentities($email); ?>"/></td>
            </tr><tr>
            <td id="td_left"><?php if($wrong[2]==0){echo'Password:';}else{echo 'Password:<span style="color:red">*</span>';}?></td><td><input type="password" name="first_password" maxlength="100" size="30" value="<?php echo htmlentities($first_password); ?>"/></td>
            </tr><tr>
            <td id="td_left"><?php if($wrong[3]==0){echo'Re-enter Password:';}else{echo 'Re-enter Password:<span style="color:red">*</span>';}?></td><td><input type="password" name="second_password" maxlength="100" size="30" value="<?php echo htmlentities($second_password); ?>"/></td>
            </tr><tr>
            <td id="td_left"><?php if($wrong[4]==0){echo'City:';}else{echo 'City:<span style="color:red">*</span>';}?></td><td><input type="text" name="city" maxlength="100" size="30" value="<?php echo htmlentities($city); ?>"/></td>
            </tr><tr>
            <td id="td_left"><?php if($wrong[5]==0){echo'State:';}else{echo 'State:<span style="color:red">*</span>';}?></td><td><input type="text" name="state" maxlength="100" size="30" value="<?php echo htmlentities($state); ?>"/></td>
            </tr><tr>
            <td id="td_left"><?php if($wrong[6]==0){echo'Country:';}else{echo 'Country:<span style="color:red">*</span>';}?></td><td><input type="text" name="country" maxlength="100" size="30" value="<?php echo htmlentities($country); ?>"/></td>
            </tr><tr>            
            <td colspan="2" id="td_left" style="text-align:center;"><input type="submit" name="submit_sign_up" value="Sign Up" /></td></tr>
            <tr><td colspan="2">
            <?php 
			if($wrong[0]==1 || $wrong[1]==1 || $wrong[2]==1 || $wrong[3]==1 || $wrong[4]==1 || $wrong[5]==1 || $wrong[6]==1 || $wrong[7]==1){
					echo '<table>';              
					if($wrong[0]==1 || $wrong[2]==1 || $wrong[4]==1 || $wrong[5]==1 || $wrong[6]==1){ echo '<tr><td><span style="color:red;">Please fill all the fields.</span></td></tr>';}
					if($wrong[1]==1){ echo '<tr><td><span style="color:red;">Your email is alredy in use.</span></td></tr>';}
					if($wrong[7]==1){ echo '<tr><td><span style="color:red;">Your passwords don\'t match.</span></td></tr>';}
                	echo '</table>';
			}?>
            </td>
            </tr>
            </table>
            </form>
        </div>
        </td>
        </tr>
        </table>
	</div>
</body>
</html>